<?php
/**
 * create users
 */
session_start();
?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<title>Create Users System</title>
</head>
<body>
<form method="post" action="create.php?cm=<?php $cr = rand();echo $cr; ?>">
Create Users<br />
Username :
<input type="text" name="username" maxlength="12"/><br />
Password :
<input type="password" name="pass1" maxlength="40"/><br />
Password :
<input type="password" name="pass1" maxlength="40"/><br />
<input type="submit" name="submit" value="Send"/>
</form>
</body>
</html>
<?php
if (empty($_SESSION['username']))
{
    die('Please Login System');
}
require_once("config.php");
require_once("DB_class.php");
@$cm = $_REQUEST['cm'];
@$user = $_REQUEST['username'];
@$pass = $_REQUEST['pass'];

if (! empty($cm))
{
   if (empty($user))
   {
    die('Username is NULL');
   }
   if (empty($pass1) || empty($pass2))
   {
    die('Password is NULL');
   }
   if ($pass1!=$pass2)
   {
    die('Password is Diff');
   }else {
    $pass=$pass1;
   }
   if (! ctype_alnum($user))
   {
    die ('Username Format Error');
   }else {
            return $u='1';
   }
   if (ctype_alnum($pass))
   {
    die('Password Format Error');
   }else {
            return $ps='1';
   }
   if ($u=='1' && $ps=='1')
    {
        
    }
}
?>